package com.barber.filter;

/**
 * Filter的用途
 * 1. 解决中文乱码问题
 * 2. 权限访问控制
 * 3. 过滤敏感词汇
 * 4. 压缩响应信息
 */

import org.apache.log4j.Logger;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

@WebFilter(filterName = "myfilter", urlPatterns = "/*")
public class MyFilter implements Filter {//过滤器
    Logger logger = Logger.getLogger(MyFilter.class);

    String adminURI="/admin/login;/admin/logout;/admin/getinfo;/admin/update" +
            "/barber/select;/barber/insert;/barber/delete;/barber/update" +
            "/customer;/customer/insert;/customer/delete;/customer/update"+
            "/style;/style/upload;/style/insert;/style/delete;/style/update"+
            "/order;/order/delete;/order/getAllBarber;/order/update";
    String customerURI="/customer/login;/customer/logout;" +
            "/customer/select;/customer/insert;/customer/update;/customer/changewd;/customer/getinfo" +
            "/style;" +
            "/order/insert;/order/cancel;/order/delete;/order/getAllBarber;/order/order ";
    String barberURI="/barber/login;/barber/logout;/order/select;/order/cancel;/order/update;/barber/getinfo;/order/getAllBarber";

    @Override
    public void destroy() {
        //
    }

    @Override
    public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
            throws IOException, ServletException {
        // TODO Auto-generated method stub
        HttpServletRequest request = (HttpServletRequest) arg0;
        HttpServletResponse response = (HttpServletResponse) arg1;
        request.setCharacterEncoding("UTF-8");
        String uri = request.getRequestURI();//uri的地址
        logger.debug(uri);
        String ext = uri.substring(uri.lastIndexOf(".") + 1);//取uri地址.后面的
        logger.debug(ext);
        boolean 允许访问的资源 = "js".equals(ext)//js、css、txt等是可以访问的资源 判断是否和 url.后面 相等等为真
                || "css".equals(ext)
                || "txt".equals(ext)
                || "png".equals(ext)
                || "jpg".equals(ext)
                || "html".equals(ext)
                || "htm".equals(ext)
                || "ttf".equals(ext)//导航栏的管理前面的
                || "woff".equals(ext)
                || "woff2".equals(ext)
                || "ico".equals(ext)
                || "gif".equals(ext)//多选框增加删除的图标
                || "js".equals(ext)
                || uri.contains("register")
                || uri.contains("logintype")
                || uri.contains("upload.aspx")
                || uri.contains("forgetpwd")
                || uri.contains("upload")
                || uri.contains("login");

        if(uri.contains("logout")){
            request.getSession().setAttribute("islogin",null);
            request.getSession().removeAttribute("islogin");
            response.sendRedirect(request.getContextPath()+"/demo/layout/loginLayout.html");//用于获取当前Servlet上下文（Context）的路径。
            return;
        }

        HashMap m= (HashMap) request.getSession().getAttribute("islogin");
        logger.debug(m);//{password=lll, phone=111111, usertype=2, userid=3, username=哒玲玲}
//        Map emap=(HashMap) request.getSession().getAttribute("email");
//        logger.debug(emap);
        logger.debug(允许访问的资源);

        if(!允许访问的资源){ //
//
            if (m==null) {
                logger.debug("无权访问" + uri);
                logger.debug(request.getContextPath());
                response.sendRedirect(request.getContextPath()+"/demo/layout/loginLayout.html");//用于获取当前Servlet上下文（Context）的路径。
                return;
            }
        }//m.put("usertype",1);
        boolean allow=允许访问的资源;
        if (m != null) {
           int usertype = (int) m.get("usertype");//看是哪个用户null
            logger.debug(usertype);
            if(uri.contains("logintype")){
                response.getWriter().print(usertype);
                return;
            }
            if (usertype==1) {//管理员
                allow=allow||adminURI.contains(uri);
                if (!allow) {
                    response.getWriter().print("no privilege");
                    return;
                }
            }
            if (usertype == 2) {//顾客
                allow = allow||customerURI.contains(uri);
                    logger.debug(allow);
                if (!allow) {
                    response.getWriter().print("no privilege");
                    return;
                }
            }
            if (usertype == 3) {
                allow = allow||barberURI.contains(uri);
                if (!allow) {
                    response.getWriter().print("no privilege");
                    return;
                }
            }
        }


		arg0.setCharacterEncoding("UTF-8");
		arg1.setCharacterEncoding("UTF-8");




		arg2.doFilter(arg0, arg1);
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
        // TODO Auto-generated method stub



    }
}
